from flask import Blueprint, jsonify, request
from sqlalchemy import exc, or_
from mpwo_api import appLog, bcrypt, db
from .models import User
# Blueprint that carries the /auth/* routes registered below in this module.
auth_blueprint = Blueprint(name='auth', import_name=__name__)
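@auth_blueprint.route('/auth/register', methods=['POST'])
def register_user():
    """Create a user account from a JSON body and return an auth token.

    Expects a JSON object with ``username``, ``email`` and ``password``.

    Returns:
        (response, 201) with ``auth_token`` when the account is created.
        (response, 400) when the payload is missing, is not a JSON object,
        lacks a string value for any of the three fields, when the username
        or e-mail is already taken, or when the database/model layer raises
        one of the handled exceptions.
    """
    invalid_payload = {
        'status': 'error',
        'message': 'Invalid payload.'
    }

    post_data = request.get_json()
    # get_json() hands back whatever JSON value the client sent. A non-empty
    # list or string is truthy but has no .get(), which previously surfaced
    # as an unhandled AttributeError instead of a clean 400.
    if not post_data or not isinstance(post_data, dict):
        return jsonify(invalid_payload), 400

    username = post_data.get('username')
    email = post_data.get('email')
    password = post_data.get('password')
    # Reject absent or non-string fields before they reach the query and the
    # model, so malformed input is answered here rather than by whichever
    # layer happens to choke on it first.
    if not all(isinstance(value, str) for value in (username, email, password)):
        return jsonify(invalid_payload), 400

    try:
        # A match on either column blocks the registration.
        user = User.query.filter(
            or_(User.username == username, User.email == email)).first()
        if user:
            # NOTE(review): this response tells an unauthenticated caller
            # that the username or e-mail is registered; confirm that is an
            # accepted trade-off, and rate-limit this route if it is.
            response_object = {
                'status': 'error',
                'message': 'Sorry. That user already exists.'
            }
            return jsonify(response_object), 400

        # The raw password is handed to the model; presumably User hashes it
        # (login verifies with bcrypt.check_password_hash) -- confirm in
        # .models that the plaintext is never stored.
        new_user = User(
            username=username,
            email=email,
            password=password
        )
        db.session.add(new_user)
        db.session.commit()

        # assumes encode_auth_token returns bytes, hence .decode() -- TODO
        # confirm against the JWT library version in use.
        auth_token = new_user.encode_auth_token(new_user.id)
        response_object = {
            'status': 'success',
            'message': 'Successfully registered.',
            'auth_token': auth_token.decode()
        }
        return jsonify(response_object), 201
    except (exc.IntegrityError, exc.OperationalError, ValueError) as e:
        # Undo the partial transaction so the session stays usable.
        db.session.rollback()
        # NOTE(review): SQLAlchemy error text can include the statement's
        # bound parameters; check that the log sink is appropriate for
        # submitted e-mail addresses and password hashes.
        appLog.error(e)
        return jsonify(invalid_payload), 400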
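@auth_blueprint.route('/auth/login', methods=['POST'])
def login_user():
    """Check e-mail/password credentials and return an auth token.

    Expects a JSON object with ``email`` and ``password``.

    Returns:
        (response, 200) with ``auth_token`` when the credentials match.
        (response, 400) when the payload is missing or is not a JSON object.
        (response, 404) when no user matches or the password check fails.
        (response, 500) when one of the handled exceptions is raised.
    """
    post_data = request.get_json()
    # A non-empty JSON list or string is truthy but has no .get(); without
    # the type check it raised an unhandled AttributeError.
    if not post_data or not isinstance(post_data, dict):
        response_object = {
            'status': 'error',
            'message': 'Invalid payload.'
        }
        return jsonify(response_object), 400

    email = post_data.get('email')
    password = post_data.get('password')
    try:
        user = None
        # Only string credentials are looked up and verified. A missing or
        # non-string password used to be passed straight to the bcrypt
        # check, where it could raise outside the handled exception types;
        # it is now treated as a failed login like any other bad credential.
        if isinstance(email, str) and isinstance(password, str):
            user = User.query.filter(User.email == email).first()

        if user and bcrypt.check_password_hash(user.password, password):
            # assumes encode_auth_token returns bytes, hence .decode() --
            # TODO confirm against the JWT library version in use.
            auth_token = user.encode_auth_token(user.id)
            response_object = {
                'status': 'success',
                'message': 'Successfully logged in.',
                'auth_token': auth_token.decode()
            }
            return jsonify(response_object), 200

        # Unknown e-mail and wrong password deliberately share one response,
        # so the body does not reveal which of the two failed. The bcrypt
        # check still runs only for existing users, so response time may
        # differ between the two cases.
        # NOTE(review): no attempt limiting is visible in this handler;
        # confirm throttling/lockout is enforced elsewhere.
        response_object = {
            'status': 'error',
            'message': 'User does not exist.'
        }
        return jsonify(response_object), 404
    except (exc.IntegrityError, exc.OperationalError, ValueError) as e:
        db.session.rollback()
        appLog.error(e)
        response_object = {
            'status': 'error',
            'message': 'Try again'
        }
        return jsonify(response_object), 500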
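@auth_blueprint.route('/auth/logout', methods=['GET'])
def logout_user():
    """Validate the caller's auth token and acknowledge the logout.

    Reads the token from the ``Authorization`` header, taken as the second
    space-separated field (e.g. ``Bearer <token>``).

    Returns:
        (response, 200) when ``User.decode_auth_token`` accepts the token.
        (response, 401) with the decoder's message when it returns a string.
        (response, 403) when the header is absent or carries no token field.

    NOTE(review): nothing in this handler revokes or blocklists the token;
    unless that happens elsewhere, the token stays usable after a
    "successful" logout until it expires -- confirm.
    """
    missing_token = {
        'status': 'error',
        'message': 'Provide a valid auth token.'
    }

    auth_header = request.headers.get('Authorization')
    if not auth_header:
        return jsonify(missing_token), 403

    # A header without a space (e.g. just "Bearer") has no second field;
    # indexing [1] unconditionally raised an unhandled IndexError, so a
    # malformed header is now answered like a missing one.
    header_fields = auth_header.split(" ")
    if len(header_fields) < 2:
        return jsonify(missing_token), 403
    auth_token = header_fields[1]

    # decode_auth_token signals failure by returning a str (used below as
    # the error message); any other return type is treated as success.
    resp = User.decode_auth_token(auth_token)
    if isinstance(resp, str):
        response_object = {
            'status': 'error',
            'message': resp
        }
        return jsonify(response_object), 401

    response_object = {
        'status': 'success',
        'message': 'Successfully logged out.'
    }
    return jsonify(response_object), 200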